In late February 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a critical alert regarding a ransomware attack targeting Trimble Cityworks, an asset management platform widely used by local governments and infrastructure organizations across the United States. The attack, detailed in a report by Cyber Security Hub, exploits vulnerabilities in Cityworks’ systems, enabling attackers to encrypt critical data and disrupt municipal operations. This incident, discovered in early 2025, has raised concerns about the security of software integral to managing public infrastructure, from utilities to public works.

Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

On July 25, 2025, the city of St. Paul, Minnesota, faced a digital onslaught that brought its municipal systems to a standstill. What began as "suspicious activity" detected on the city's internal networks quickly escalated into a confirmed cyberattack, described by Mayor Melvin Carter as a "deliberate, coordinated digital attack" orchestrated by a sophisticated external actor. The breach targeted critical infrastructure, forcing the city to shut down its IT systems, including Wi-Fi in public buildings and online payment services. This unprecedented disruption prompted a state of emergency, as St. Paul grappled with the immediate fallout of an attack that has left residents and officials scrambling to restore normalcy.

Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

A new ransomware strain, dubbed Gunra, has surfaced as a significant threat to Windows systems, with attacks detected as early as July 2025. This sophisticated malware, identified by security researchers at Palo Alto Networks’ Unit 42, targets both individual and enterprise Windows environments, encrypting critical files and demanding cryptocurrency ransoms. Unlike typical ransomware, Gunra employs advanced obfuscation techniques and targets system vulnerabilities, making it a formidable challenge for cybersecurity defenses. Organizations and users are urged to stay vigilant as this threat continues to evolve.

Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

Microsoft has issued an urgent security advisory addressing two critical vulnerabilities in SharePoint Server, identified as CVE-2025-53770 and CVE-2025-53771, which have been actively exploited since July 7, 2025. These zero-day flaws allow attackers to bypass authentication and execute remote code, posing a severe risk to organizations relying on SharePoint for collaboration and data management. The vulnerabilities, discovered by security researcher Nguyen Jang, affect all supported versions of SharePoint Server, including Subscription Edition and 2019. Microsoft’s swift response includes patches to mitigate the threat, but unpatched systems remain highly vulnerable to sophisticated cyberattacks.

Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

In a bold move to counter North Korea’s illicit financial operations, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Korea Sobaeksu Trading Company and three individuals—Kim Se Un, Jo Kyong Hun, and Myong Chol Min—for orchestrating a fraudulent IT worker scheme. This operation, designed to bypass U.S. and U.N. sanctions, has funneled millions into Pyongyang’s weapons of mass destruction (WMD) programs. By infiltrating over 300 U.S. companies with fake IT workers, the scheme generated an estimated $17 million in illicit revenue, highlighting the growing sophistication of North Korean cyber operations. The sanctions underscore the U.S. government’s commitment to disrupting these covert revenue streams that fuel the Kim regime’s destabilizing agenda.

Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

In July 2025, McDonald’s faced a significant data breach involving its AI-powered hiring platform, McHire, developed by Paradox.ai. Security researchers Ian Carroll and Sam Curry discovered critical vulnerabilities that exposed the personal information of approximately 64 million job applicants. The breach stemmed from shockingly basic security flaws, including a default admin password of “123456” and an insecure direct object reference (IDOR) in an internal API, allowing unauthorized access to sensitive data such as names, email addresses, phone numbers, resumes, and chat transcripts with the AI chatbot “Olivia.”

Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

In July 2025, a sophisticated cyberattack campaign has emerged, leveraging Microsoft Teams to deploy Matanbuchus 3.0, a potent malware loader. This evolved version of Matanbuchus, available as a Malware-as-a-Service for as little as $2,500 on crime forums, boasts advanced stealth features like improved communication protocols, in-memory execution, and enhanced obfuscation. According to Morphisec, attackers are using social engineering tactics, impersonating IT help desk personnel via Teams calls to trick employees into granting remote access through Quick Assist. This campaign highlights the growing danger of trusted platforms being weaponized, making it critical for organizations to stay vigilant.

Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .

In May 2025, AT&T disclosed a massive data breach affecting approximately 86 million customer records, making it one of the largest cybersecurity incidents of the year. The breach involved sensitive personal information, including names, dates of birth, phone numbers, email addresses, physical addresses, and Social Security numbers. The compromised data was posted to a hacking forum, with samples provided to validate the claims, though AT&T’s investigation suggested the data was a compilation of previously leaked information, primarily from the 2024 Snowflake breach, rather than a new intrusion into their systems.

Buzz My Biz provides a unified cybersecurity platform ideal for business, education, healthcare, and local governments. Give us a call at (678) 389-9289 or schedule a meeting today .